<?php
// Start (or resume) the PHP session. $_SESSION is written further down once a
// login succeeds (username, role, id, type).
session_start();

// Disabled debug output. These lines would dump the whole session and the
// decoded Facebook payload into the response, so they must stay commented out
// on any reachable deployment.
//echo "<pre>";
//print_r($_SESSION);
//print_r($data);exit;
// Project configuration. The constants used in this file (FB_ABSPATH, SITE_URL,
// CANVAS_URL, SIGNUP_URL, APLICATION_PROFILE_URL) are not defined here, so they
// presumably come from this include - confirm.
require 'include/config.inc.php';
// NOTE(review): presumably opens the default MySQL link that every mysql_*
// call below relies on - confirm. This is `include`, not `require`, so a
// missing file only raises a warning and the script keeps running.
include FB_ABSPATH."/db/opendb.php";

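// Work out which Facebook page this tab is being rendered for.
//
// Two sources are accepted, in this order:
//   1. an explicit fb_signed_id request parameter (carried by the login form
//      and by the pagination links), and
//   2. the page id inside Facebook's signed_request payload.
//
// SECURITY: neither source is authenticated here. fb_signed_id is a plain
// request parameter, and the signed_request signature ($encoded_sig) is split
// off but never checked, so both values must be treated as caller-controlled.
// To trust the payload, recompute HMAC-SHA256 over $payload with the
// application secret (<APP_SECRET_CONSTANT> - not visible in this file) and
// compare it to the base64url-decoded $encoded_sig in constant time before
// reading $data. Until that is done, every use below escapes the value for
// its output context.
$fb_signed_id = '';
if(isset($_REQUEST['fb_signed_id'])) {
	// Array-valued parameters (fb_signed_id[]=...) are rejected instead of
	// being interpolated as the string "Array".
	if(is_scalar($_REQUEST['fb_signed_id'])) {
		$fb_signed_id = (string)$_REQUEST['fb_signed_id'];
	}
}
elseif(isset($_REQUEST['signed_request']) && is_string($_REQUEST['signed_request'])) {
	//Check if user has fb user id on our main application
	$signed_request = $_REQUEST['signed_request'];

	// Format is "<base64url signature>.<base64url JSON payload>"; anything
	// without the separator is ignored rather than raising notices.
	$signed_parts = explode('.', $signed_request, 2);
	if(count($signed_parts) === 2) {
		list($encoded_sig, $payload) = $signed_parts;

		$data = json_decode(base64_decode(strtr($payload, '-_', '+/')), true);
		if(is_array($data) && isset($data['page']['id']) && is_scalar($data['page']['id'])) {
			$fb_signed_id = (string)$data['page']['id'];
		}
	}
}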
//echo "ID:$fb_signed_id";
//echo "<pre>";print_r($_REQUEST);
//echo "<pre>";print_r($data);exit;
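// Login handler: runs when the tab's login form was submitted. On success it
// fills $_SESSION and, if this Facebook page id is not mapped yet, links it to
// the authenticated user. $err_msg is "YES" on success, otherwise a
// human-readable reason.
if(isset($_POST['btnSubmit_x'])) {

	// Only plain string parameters are accepted; username[]=... is treated as
	// missing instead of reaching md5()/the query as an array.
	$username='';
	$password='';
	if(isset($_POST['username']) && is_string($_POST['username']))
		$username = $_POST['username'];
	// SECURITY: the Users table is compared against an unsalted MD5 digest.
	// MD5 is cheap to brute-force; the fix is a migration to password_hash()
	// / password_verify() with rehash-on-login, which needs a schema change
	// and is therefore only flagged here.
	if(isset($_POST['password']) && is_string($_POST['password']))
		$password = md5($_POST['password']);

	if($username && $password)
	{
		// The username is request data: escape it before it is placed in the
		// statement. This assumes the default MySQL link is already open and
		// that its character set was set with mysql_set_charset() - confirm
		// in the connection include. Type is fetched in the same query
		// instead of a second round trip.
		$query = "select Verified, Role, Password, ID, Type from Users where Username='".mysql_real_escape_string($username)."'";
		$result = mysql_query($query);
		if($result === false)
		{
			// Keep driver errors (table/column names, query text) out of the
			// response; they go to the server log only.
			error_log("Facebook tab login lookup failed: ".mysql_error());
			die ("SQL Error");
		}
		$row=mysql_fetch_assoc($result);
		// Strict comparison: with != two digests that both look numeric
		// (for example "0e" followed by digits) would compare equal.
		if(!$row || !$row['Password'] || $row['Password'] !== $password)
		{
			$err_msg = "The login information you have supplied is incorrect!";
			//include "information.php";
		}
		else if($row['Verified'] != '1')
		{
			$err_msg = "This user account is not verified!";
		}
		else
		{
			// New session id at the privilege change, so an id planted before
			// login cannot be reused afterwards (session fixation).
			session_regenerate_id(true);

			$_SESSION['username']=$username;
			$_SESSION['role']=$row["Role"];
			$user_id = $_SESSION['id']=$row["ID"];
			//set the type session variable : basic/single/starter/pro/power
			$_SESSION['type']=$row['Type'];

			//Now check if user has fb user id on our main application
			// NOTE(review): the page id is whatever the request supplied, so
			// any account holder can claim any page id that is still unmapped.
			// Binding should only happen for an id taken from a verified
			// signed_request.
			$fb_id = (isset($fb_signed_id) && is_scalar($fb_signed_id)) ? (string)$fb_signed_id : '';
			if($fb_id) {
				$fb_id_sql = mysql_real_escape_string($fb_id);
				$sql = "SELECT * FROM facebook_user_map WHERE fb_signed_id='$fb_id_sql'";
				$rs = mysql_query($sql);
				if($rs !== false && mysql_num_rows($rs) < 1) {
					//add id
					$sql = "INSERT IGNORE INTO facebook_user_map (user_id, fb_signed_id) VALUES ('".mysql_real_escape_string($user_id)."','$fb_id_sql')";
					$rs = mysql_query($sql);
				}
			}
			$err_msg = "YES";
		}
		//		echo $err_msg;exit;
	}
}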

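// View selection: if this Facebook page id is mapped to a user, render that
// user's active listings (paginated, 5 per page); otherwise render the login
// prompt. Every value that reaches SQL is escaped with
// mysql_real_escape_string() and every value that reaches HTML is escaped with
// htmlspecialchars(), because the page id comes from the request and the
// listing fields come from user-editable rows.
// NOTE(review): htmlspecialchars() is called without an explicit charset, so
// it follows the PHP default; pin it once the database/page encoding is known.
$fb_id = (isset($fb_signed_id) && is_scalar($fb_signed_id)) ? (string)$fb_signed_id : '';
$sql1 = "SELECT * FROM facebook_user_map WHERE fb_signed_id='".mysql_real_escape_string($fb_id)."'";
$rs = mysql_query($sql1);
if($rs !== false && mysql_num_rows($rs) > 0) {

	$row = mysql_fetch_assoc($rs);
	$user_id = $row['user_id'];
	$owner_sql = mysql_real_escape_string($user_id);

	include FB_ABSPATH."/facebook/classes/Paginator.class.php";
	// First query only counts the rows for the pager.
	$sql = "select p.* from PROPERTIES p inner join Prop_Owner_Con c on p.OID = c.Prop_OID where c.Owner = '$owner_sql' and LISTSTATUS = 'Active'";
	$rs = mysql_query($sql);
	$total_recs = ($rs !== false) ? mysql_num_rows($rs) : 0;
	$limit = 5;
	$from = isset($_GET['page_'])?(int)$_GET['page_']:1;
	// page_=0 or a negative page used to produce a negative OFFSET and a SQL
	// error; an oversized page overflowed into a float. Clamp both ends so the
	// LIMIT clause always receives two non-negative integers.
	if($from < 1) {
		$from = 1;
	}
	$from = min($from, (int)(PHP_INT_MAX / $limit));

	$offset = ($from-1)*$limit;

	$mquery = "select p.* from PROPERTIES p inner join Prop_Owner_Con c on p.OID = c.Prop_OID where c.Owner = '$owner_sql' and LISTSTATUS = 'Active' ORDER BY sort_order LIMIT $offset, $limit";
	$mresult = mysql_query($mquery);
	if($mresult === false) {
		// Driver errors go to the log, not to the visitor.
		error_log("Facebook tab listing query failed: ".mysql_error());
		die ("SQL Error");
	}

	$params = $_GET;
	$params['fb_signed_id'] = $fb_id;
	// NOTE(review): $params is raw request data and the returned markup is
	// echoed as-is below; confirm that Paging::getPaging1() encodes parameter
	// names and values when it builds its links.
	$pagination = Paging::getPaging1($total_recs, $limit, $params, CANVAS_URL);
?>
<link type="text/css" rel="stylesheet" href="<?php echo CANVAS_URL?>/style/style.css" />
<div class="list_head">Active Listings</div>
<?php echo $pagination?>
<table width="100%"  border="0" cellspacing="0" cellpadding="0">
<?php
if(mysql_num_rows($mresult))
{
	while ($row = mysql_fetch_assoc($mresult))
	{
		//		echo "<pre>";print_r($row);
		$query = "select * from Listing_Images where Listing_ID = '".mysql_real_escape_string($row['OID'])."' and Main_Photo = 1";
		$result = mysql_query($query);
		if($result === false) {
			error_log("Facebook tab image query failed: ".mysql_error());
			die ("SQL Error");
		}
		$lrow = mysql_fetch_assoc($result);
		// A listing without a main photo falls back to the placeholder image.
		if($lrow && $lrow['Path']!='')
		{
			$img_url = SITE_URL."/listing_images/t_".$lrow['Path'];
		}
		else
		{
			$img_url = "http://www.realivent.com/listing_images/nia_thumb.gif";
		}
		$title = $row['STREETNUM']." ".$row['STREETNAME']." ".$row['STREETSUFFIX'].", ".$row['CITY']." ".$row['STATE'];
		$description = $row['BEDS'] ." Beds | ".$row['BATHSTOTAL']." Baths | ".number_format($row['SQFTTOTAL'], 0)." SQFT | Covered Parking: ".$row['PARKINGCOVERED'];
		$default_detail_url = SITE_URL."/vt/{$row['OID']}";
		$listing_detail_url = ($row['custom_url'])?$row['custom_url']:$default_detail_url;
		// custom_url ends up in an href. HTML-escaping alone does not stop a
		// script-bearing scheme, so a value that names any scheme other than
		// http/https is replaced by the default detail URL. Whitespace and
		// control bytes are stripped for the check because browsers ignore
		// them when parsing a scheme. Values without a scheme are kept as-is.
		$scheme_probe = preg_replace('/[\x00-\x20]+/', '', $listing_detail_url);
		if(preg_match('/^[a-z][a-z0-9+.\-]*:/i', $scheme_probe) && !preg_match('#^https?:#i', $scheme_probe))
		{
			$listing_detail_url = $default_detail_url;
		}
		// The former HTML-commented "Post to Newsfeed" link was dropped: PHP
		// still ran the echoes inside the comment, which put unescaped listing
		// text into the response where a "-->" sequence would end the comment.
		?>
		<TR>
			<TD width="120">
				<img style="border:1px solid black;" src="<?php echo htmlspecialchars($img_url, ENT_QUOTES)?>">
			</TD>
			<TD>
				<div class="list_title"><?php echo htmlspecialchars($title, ENT_QUOTES) ?></DIV>
				<div><?php echo htmlspecialchars($description, ENT_QUOTES)?></div>
				<div><b>Price:</b> $<?php echo number_format($row['LISTPRICE'], 0) ?></div>
				<div><a href="<?php echo htmlspecialchars($listing_detail_url, ENT_QUOTES)?>" target="_blank">View Listing</a></div>
			</TD>
		</TR>
		<?php
	}
}
else {
	echo "<tr><td>No listings found</td></tr>";
}
?>
</table>
<div><a href="<?php echo APLICATION_PROFILE_URL?>" target="_blank">View the Application</a></div>
<?php
}
else {
	// Login prompt for a page id that is not mapped to a user yet.
	// NOTE(review): the form below posts the account password to CANVAS_URL;
	// confirm that constant is an https:// origin. The bundled jQuery 1.5.1 is
	// a long-unmaintained 1.x release and is worth upgrading.
	?>
<script src="<?php echo SITE_URL?>/facebook/js/jquery-1.5.1.min.js"></script>
<script>
$(document).ready(function() {
	$('#login_link').click(function() {
		$('#info_box_centered_container').animate({
			opacity: 1,
			left: '+=50',
			height: 'toggle'
		}, 1000, function() {
			// Animation complete.
		});
	});
});
</script>
	<div id="success_msg" style="border: thin solid #E8E8E8;clear: both;margin: 0 auto;padding: 10px;display:none;">
		<div style="font-size:15px;font-weight:bold;color:#627AAD;margin:10px;">
			Please click on 'My Listings' tab to load your property listings.
		</div>
	</div>
	<div id="login_form">
	Please login to your Realivent account to show off your listings on this page.<br><br>
	<a href="#" id='login_link'>Click here to login</a>.
<br><br>

	Don't have Realivent account? <a href="<?php echo SIGNUP_URL?>">Create one</a>
	
	
	<link href="<?php echo CANVAS_URL?>/style/fb2.css" rel="stylesheet" type="text/css" />
	
	<div id="about" style="display: none">
Facebook is a social utility that connects people with friends and others who work, study and live around them.
People use Facebook to keep up with friends, upload an unlimited number of photos, share links and videos, and learn more about the people they meet.
</div>

<div style="width: 750px;display:none" id="info_box_centered_container">
      <div align="left" style="height: auto;" class="info_box_top">
        <h1>Realivent Login</h1>
      </div>
      <div align="left" class="info_box_middle">
        <blockquote>
        
          <blockquote>
            <p>Please login using your realivent account to show off your listing on this page.</p>
			<p></p>

<div class="two_column">
  <div class="left"> </div>
  <div style="width: 500px;" class="left">
    <form action="<?php echo CANVAS_URL?>new_tab.php" id="ContactForm" name="ContactForm" method="post">
    	<input type="hidden" value="<?php echo htmlspecialchars($fb_id, ENT_QUOTES)?>" name="fb_signed_id" />
    	<input type="hidden" value="1" name="btnSubmit_x" />
      <label class="app">Username</label>
      <input type="text" tabindex="1" value="" name="username" id="username"/>      <br/>
      <label class="app">Password</label>
      <input type="password" tabindex="2" value="" name="password" id="password"/>       <br/>
      <input type="submit" class="submit" value="Login"/>
    </form>
  </div>
</div>
<input type="button" value="Show" class="thickbox" title="Thanks!" alt="#TB_inline?height=50&amp;width=250&amp;inlineId=messageDiv" style="display: none;" id="messageShow"/> 
          </blockquote>
        </blockquote>
      </div>
	  <div>
	  <p align="left">
	    
	  </p>
	  </div>	  
      <div class="info_box_bottom"/>
    </div>
</div>
<?php
}
?>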